Conexion ne s'arréte jamais
snoussix
Messages postés
495
Statut
Membre
-
snoussix Messages postés 495 Statut Membre -
snoussix Messages postés 495 Statut Membre -
Bonjour,
Depuis peu mon ordinateur a un comportement bizarre : conexion toujours en marche mon antivirus a été endomagé et il a fallu le retélécharger .... j'ai peur que pendant la période ou l'antivirus était endomagé ( pour des raisons que je ne connais pas ) alors j'ai fait un rapport random's system information tool
voici ci dessous le fichier log je voudrais savoir si possible si mon pc est infecté:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Khalil\Bureau\RSIT.exe
C:\Program Files\trend micro\Khalil.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Download All using 4shared Desktop - C:\Program Files\4shared Desktop\down_all.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A58AEBA3-8876-4935-963E-A445176AB989}: NameServer = 62.251.229.241 62.251.229.223
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\PEV.cfxxe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
--
End of file - 7741 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}]
PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHPN.dll [2010-04-15 2515552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-16 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-16 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{1c491116-c175-45e1-a570-6fb14fea8b7b} - PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHPN.dll [2010-04-15 2515552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"ares"=C:\Program Files\Ares\Ares.exe [2010-02-08 1015808]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2009-08-16 955392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"AllowLegacyWebView"=1
"AllowUnhashedWebView"=1
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"I:\ares\Ares.exe"="I:\ares\Ares.exe:*:Enabled:Ares p2p for windows"
"I:\ares\chatServer.exe"="I:\ares\chatServer.exe:*:Disabled:Ares Chat Server"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
======List of files/folders created in the last 3 months======
2010-08-28 21:16:52 ----DC---- C:\Program Files\trend micro
2010-08-28 21:16:43 ----DC---- C:\rsit
2010-08-25 21:13:25 ----DC---- C:\Documents and Settings\Khalil\Application Data\Avira
2010-08-22 21:16:35 ----ADC---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-08-22 21:15:49 ----DC---- C:\Program Files\SpywareBlaster
2010-08-22 00:19:03 ----C---- C:\WINDOWS\system32\spmsg.dll
2010-08-14 16:43:05 ----AC---- C:\Boot.bak
2010-08-14 16:42:56 ----RASHDC---- C:\cmdcons
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\zip.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\SWXCACLS.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\SWSC.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\SWREG.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\sed.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\PEV.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\NIRCMD.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\MBR.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\grep.exe
2010-08-14 16:39:28 ----SDC---- C:\ComboFix
2010-08-13 17:48:18 ----DC---- C:\WINDOWS\ERDNT
2010-08-13 17:41:48 ----DC---- C:\Qoobox
2010-08-13 16:49:13 ----AC---- C:\Ad-Report-CLEAN[1].txt
2010-08-12 10:07:44 ----DC---- C:\Documents and Settings\Khalil\Application Data\vlc
2010-08-11 20:11:15 ----DC---- C:\Program Files\MPC HomeCinema
2010-06-14 20:33:41 ----DC---- C:\Program Files\PHPNukeFR
======List of files/folders modified in the last 3 months======
2010-08-28 21:16:52 ----DC---- C:\Program Files
2010-08-28 14:41:46 ----DC---- C:\Program Files\Mozilla Firefox
2010-08-28 11:06:22 ----DC---- C:\WINDOWS\Temp
2010-08-28 11:04:50 ----DC---- C:\WINDOWS\system32\CatRoot2
2010-08-28 11:02:38 ----SHD---- C:\WINDOWS\CSC
2010-08-27 17:59:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-26 15:53:14 ----DC---- C:\Documents and Settings\Khalil\Application Data\HPAppData
2010-08-25 21:28:36 ----DC---- C:\WINDOWS\system32\NtmsData
2010-08-25 21:27:56 ----DC---- C:\WINDOWS\repair
2010-08-25 21:27:50 ----DC---- C:\WINDOWS\Registration
2010-08-25 20:16:54 ----SHDC---- C:\WINDOWS\Installer
2010-08-25 20:16:49 ----HDC---- C:\Config.Msi
2010-08-25 20:16:43 ----DC---- C:\WINDOWS\WinSxS
2010-08-25 20:16:32 ----DC---- C:\Program Files\Fichiers communs\Microsoft Shared
2010-08-25 20:14:13 ----DC---- C:\WINDOWS\Prefetch
2010-08-24 15:57:40 ----AC---- C:\WINDOWS\adidsl.ini
2010-08-22 21:15:55 ----DC---- C:\WINDOWS\system32
2010-08-22 10:31:08 ----DC---- C:\WINDOWS
2010-08-22 00:19:42 ----DC---- C:\WINDOWS\system32\CatRoot
2010-08-22 00:19:18 ----HDC---- C:\WINDOWS\inf
2010-08-17 17:10:35 ----DC---- C:\Documents and Settings\Khalil\Application Data\dvdcss
2010-08-14 16:44:08 ----DC---- C:\WINDOWS\system32\drivers
2010-08-14 16:43:05 ----RASHC---- C:\boot.ini
2010-08-12 20:09:49 ----AC---- C:\WINDOWS\imsins.BAK
2010-08-12 19:02:57 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-12 19:02:35 ----DC---- C:\WINDOWS\Help
2010-08-12 19:02:06 ----DC---- C:\WINDOWS\Cursors
2010-08-12 19:01:32 ----DC---- C:\Program Files\Windows NT
2010-08-12 09:31:48 ----DC---- C:\WINDOWS\system
2010-08-11 06:24:11 ----DC---- C:\WINDOWS\SxsCaPendDel
2010-08-10 15:35:04 ----DC---- C:\Program Files\Windows Live
2010-07-23 18:16:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-23 18:16:00 ----DC---- C:\Program Files\Internet Explorer
2010-07-23 18:15:59 ----DC---- C:\WINDOWS\system32\fr-FR
2010-07-23 18:13:29 ----DC---- C:\WINDOWS\ie8updates
2010-07-23 18:09:08 ----DC---- C:\WINDOWS\WBEM
2010-07-23 18:09:07 ----DC---- C:\WINDOWS\Media
2010-07-23 18:09:06 ----SDC---- C:\WINDOWS\Tasks
2010-07-23 17:58:28 ----DC---- C:\Program Files\TuneUp Utilities 2009
2010-07-23 17:45:24 ----DC---- C:\Program Files\Microsoft Office
2010-07-23 17:43:19 ----DC---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2010-07-16 22:45:53 ----AC---- C:\WINDOWS\win.ini
2010-06-14 20:15:57 ----DC---- C:\Documents and Settings\Khalil\Application Data\Image Zone Express
2010-06-09 16:11:56 ----AC---- C:\WINDOWS\ntbtlog.txt
2010-06-01 18:21:04 ----DC---- C:\Program Files\Fichiers communs\Adobe
2010-06-01 18:14:18 ----DC---- C:\WINDOWS\addins
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 42240]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\system32\DRIVERS\p3.sys [2004-08-03 46720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 TICalc;TICalc; C:\WINDOWS\system32\drivers\TICalc.sys [1999-08-30 9152]
R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2003-06-24 127497]
R3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2008-03-03 1405632]
R3 esihdrv;esihdrv; \??\C:\DOCUME~1\Khalil\LOCALS~1\Temp\esihdrv.sys []
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-24 5888]
R3 SiSV;SiSV; C:\WINDOWS\system32\DRIVERS\SiSV.sys [2001-08-17 50432]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S0 yebn;yebn; C:\WINDOWS\System32\drivers\bpvoexm.sys []
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-07-17 46167]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-12-06 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-12-06 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 SilverLink;Texas Instruments SilverLink (USB GraphLink) Cable; C:\WINDOWS\System32\Drivers\SilvrLnk.sys [2004-01-28 21456]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-16 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\PEV.cfxxe [2010-04-26 256512]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
-----------------EOF-----------------
--
ccm 7tal lmout
Depuis peu mon ordinateur a un comportement bizarre : conexion toujours en marche mon antivirus a été endomagé et il a fallu le retélécharger .... j'ai peur que pendant la période ou l'antivirus était endomagé ( pour des raisons que je ne connais pas ) alors j'ai fait un rapport random's system information tool
voici ci dessous le fichier log je voudrais savoir si possible si mon pc est infecté:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Khalil\Bureau\RSIT.exe
C:\Program Files\trend micro\Khalil.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: PHPNukeFR Toolbar - {1c491116-c175-45e1-a570-6fb14fea8b7b} - C:\Program Files\PHPNukeFR\tbPHPN.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Download All using 4shared Desktop - C:\Program Files\4shared Desktop\down_all.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.files-ftp.com/~unicorni/phpBB2/index.php
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A58AEBA3-8876-4935-963E-A445176AB989}: NameServer = 62.251.229.241 62.251.229.223
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\PEV.cfxxe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\system32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
--
End of file - 7741 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c491116-c175-45e1-a570-6fb14fea8b7b}]
PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHPN.dll [2010-04-15 2515552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-16 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-16 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{1c491116-c175-45e1-a570-6fb14fea8b7b} - PHPNukeFR Toolbar - C:\Program Files\PHPNukeFR\tbPHPN.dll [2010-04-15 2515552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"Adobe ARM"=C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"ares"=C:\Program Files\Ares\Ares.exe [2010-02-08 1015808]
"SuperCopier2.exe"=C:\Program Files\SuperCopier2\SuperCopier2.exe [2009-08-16 955392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe []
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"AllowLegacyWebView"=1
"AllowUnhashedWebView"=1
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"
"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Enabled:Ares p2p for windows"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"I:\ares\Ares.exe"="I:\ares\Ares.exe:*:Enabled:Ares p2p for windows"
"I:\ares\chatServer.exe"="I:\ares\chatServer.exe:*:Disabled:Ares Chat Server"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\HPWUCli.exe"="C:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
======List of files/folders created in the last 3 months======
2010-08-28 21:16:52 ----DC---- C:\Program Files\trend micro
2010-08-28 21:16:43 ----DC---- C:\rsit
2010-08-25 21:13:25 ----DC---- C:\Documents and Settings\Khalil\Application Data\Avira
2010-08-22 21:16:35 ----ADC---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-08-22 21:15:49 ----DC---- C:\Program Files\SpywareBlaster
2010-08-22 00:19:03 ----C---- C:\WINDOWS\system32\spmsg.dll
2010-08-14 16:43:05 ----AC---- C:\Boot.bak
2010-08-14 16:42:56 ----RASHDC---- C:\cmdcons
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\zip.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\SWXCACLS.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\SWSC.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\SWREG.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\sed.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\PEV.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\NIRCMD.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\MBR.exe
2010-08-14 16:39:39 ----AC---- C:\WINDOWS\grep.exe
2010-08-14 16:39:28 ----SDC---- C:\ComboFix
2010-08-13 17:48:18 ----DC---- C:\WINDOWS\ERDNT
2010-08-13 17:41:48 ----DC---- C:\Qoobox
2010-08-13 16:49:13 ----AC---- C:\Ad-Report-CLEAN[1].txt
2010-08-12 10:07:44 ----DC---- C:\Documents and Settings\Khalil\Application Data\vlc
2010-08-11 20:11:15 ----DC---- C:\Program Files\MPC HomeCinema
2010-06-14 20:33:41 ----DC---- C:\Program Files\PHPNukeFR
======List of files/folders modified in the last 3 months======
2010-08-28 21:16:52 ----DC---- C:\Program Files
2010-08-28 14:41:46 ----DC---- C:\Program Files\Mozilla Firefox
2010-08-28 11:06:22 ----DC---- C:\WINDOWS\Temp
2010-08-28 11:04:50 ----DC---- C:\WINDOWS\system32\CatRoot2
2010-08-28 11:02:38 ----SHD---- C:\WINDOWS\CSC
2010-08-27 17:59:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-26 15:53:14 ----DC---- C:\Documents and Settings\Khalil\Application Data\HPAppData
2010-08-25 21:28:36 ----DC---- C:\WINDOWS\system32\NtmsData
2010-08-25 21:27:56 ----DC---- C:\WINDOWS\repair
2010-08-25 21:27:50 ----DC---- C:\WINDOWS\Registration
2010-08-25 20:16:54 ----SHDC---- C:\WINDOWS\Installer
2010-08-25 20:16:49 ----HDC---- C:\Config.Msi
2010-08-25 20:16:43 ----DC---- C:\WINDOWS\WinSxS
2010-08-25 20:16:32 ----DC---- C:\Program Files\Fichiers communs\Microsoft Shared
2010-08-25 20:14:13 ----DC---- C:\WINDOWS\Prefetch
2010-08-24 15:57:40 ----AC---- C:\WINDOWS\adidsl.ini
2010-08-22 21:15:55 ----DC---- C:\WINDOWS\system32
2010-08-22 10:31:08 ----DC---- C:\WINDOWS
2010-08-22 00:19:42 ----DC---- C:\WINDOWS\system32\CatRoot
2010-08-22 00:19:18 ----HDC---- C:\WINDOWS\inf
2010-08-17 17:10:35 ----DC---- C:\Documents and Settings\Khalil\Application Data\dvdcss
2010-08-14 16:44:08 ----DC---- C:\WINDOWS\system32\drivers
2010-08-14 16:43:05 ----RASHC---- C:\boot.ini
2010-08-12 20:09:49 ----AC---- C:\WINDOWS\imsins.BAK
2010-08-12 19:02:57 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-12 19:02:35 ----DC---- C:\WINDOWS\Help
2010-08-12 19:02:06 ----DC---- C:\WINDOWS\Cursors
2010-08-12 19:01:32 ----DC---- C:\Program Files\Windows NT
2010-08-12 09:31:48 ----DC---- C:\WINDOWS\system
2010-08-11 06:24:11 ----DC---- C:\WINDOWS\SxsCaPendDel
2010-08-10 15:35:04 ----DC---- C:\Program Files\Windows Live
2010-07-23 18:16:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-23 18:16:00 ----DC---- C:\Program Files\Internet Explorer
2010-07-23 18:15:59 ----DC---- C:\WINDOWS\system32\fr-FR
2010-07-23 18:13:29 ----DC---- C:\WINDOWS\ie8updates
2010-07-23 18:09:08 ----DC---- C:\WINDOWS\WBEM
2010-07-23 18:09:07 ----DC---- C:\WINDOWS\Media
2010-07-23 18:09:06 ----SDC---- C:\WINDOWS\Tasks
2010-07-23 17:58:28 ----DC---- C:\Program Files\TuneUp Utilities 2009
2010-07-23 17:45:24 ----DC---- C:\Program Files\Microsoft Office
2010-07-23 17:43:19 ----DC---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2010-07-16 22:45:53 ----AC---- C:\WINDOWS\win.ini
2010-06-14 20:15:57 ----DC---- C:\Documents and Settings\Khalil\Application Data\Image Zone Express
2010-06-09 16:11:56 ----AC---- C:\WINDOWS\ntbtlog.txt
2010-06-01 18:21:04 ----DC---- C:\Program Files\Fichiers communs\Adobe
2010-06-01 18:14:18 ----DC---- C:\WINDOWS\addins
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 viaagp;Filtre de bus AGP VIA; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 42240]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 P3;Pilote processeur Intel Pentium III; C:\WINDOWS\system32\DRIVERS\p3.sys [2004-08-03 46720]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 TICalc;TICalc; C:\WINDOWS\system32\drivers\TICalc.sys [1999-08-30 9152]
R3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2003-06-24 127497]
R3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2008-03-03 1405632]
R3 esihdrv;esihdrv; \??\C:\DOCUME~1\Khalil\LOCALS~1\Temp\esihdrv.sys []
R3 HidUsb;Pilote de classe HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Pilote HID de souris; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12288]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-24 5888]
R3 SiSV;SiSV; C:\WINDOWS\system32\DRIVERS\SiSV.sys [2001-08-17 50432]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S0 yebn;yebn; C:\WINDOWS\System32\drivers\bpvoexm.sys []
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-07-17 46167]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-12-06 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-12-06 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 SilverLink;Texas Instruments SilverLink (USB GraphLink) Cable; C:\WINDOWS\System32\Drivers\SilvrLnk.sys [2004-01-28 21456]
S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-16 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2004-08-03 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\PEV.cfxxe [2010-04-26 256512]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
-----------------EOF-----------------
--
ccm 7tal lmout
A voir également:
- Conexion ne s'arréte jamais
- Gmail conexion - Guide
- Quickstep android s'arrête systématiquement ✓ - Forum Téléphones & tablettes Android
- Parametre s'arrête systématiquement samsung - Forum Samsung
- Message s'arrête systématiquement xiaomi - Forum Xiaomi
- &Quot;Cette application s'arrête systématiquement" - Forum Samsung
